Wireless: WPA Supplicant

   
   
 network  
 system  
Authoring Mode Warning
This article series is under heavy development.
Most of the articles are not done yet.
Table of Content

Know My System.

Artix OpenRC.

Where to Discuss?

Preface

Goal: Examine wireless in system: device, driver, and interface.

Before we get into the popular NetworkManager, we should know that before 2020 NetworkManager depend on WPA Supplicant. wpa_supplicant was the only backend for NetworkManager. This is an old school tools, and we would explore this tools, so we do not get confused when we need to use it later on.

Reference

There is better reference for you:

WPA Passphrase

Generate Config

We can generate the config using command line.

❯ wpa_passphrase "E.R. Nurwijayadi" oyenyebus
network={
	ssid="E.R. Nurwijayadi"
	#psk="oyenyebus"
	psk=50a047c8ba8ff1f14bc7651ff1b6e4bb6e6682d4c218181461a3ae22b014b7ad
}

WPA: Passphrase

Passing Config Through Command

Then using root account, you can pass this config directly to wpa_supplicant command.

❯# wpa_supplicant -B -i wlan0 -c <(wpa_passphrase "E.R. Nurwijayadi" oyenyebus)
Successfully initialized wpa_supplicant

WPA: Passphrase: Complete

Hardcoded Configuration

It is a good idea to save the configuration, to make it reusable.

cat /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=/run/wpa_supplicant GROUP=wheel
update_config=1

network={
  ssid="E.R. Nurwijayadi"
  # psk="oyenyebus"
  psk=50a047c8ba8ff1f14bc7651ff1b6e4bb6e6682d4c218181461a3ae22b014b7ad
  # mesh_fwding=1
}

WPA: Configuration

So this setting can be called anytime, by using either command line or as a service.

sudo wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
Successfully initialized wpa_supplicant

WPA: wpa_supplicant: using config with root

Beware of the privileges.

❯ wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
Successfully initialized wpa_supplicant
Could not set interface wlan0 flags (UP): Operation not permitted
nl80211: Could not set interface 'wlan0' UP
nl80211: deinit ifname=wlan0 disabled_11b_rates=0
wlan0: Failed to initialize driver interface
wlan0: CTRL-EVENT-DSCP-POLICY clear_all

WPA: wpa_supplicant: using config without root

Just do not forget the magic sudo word.

Privilege

Beware with piping when using sudo.

sudo wpa_supplicant -B -i wlan0 -c <(wpa_passphrase "E.R. Nurwijayadi" oyenyebus)
Successfully initialized wpa_supplicant
Failed to open config file '/proc/self/fd/13', error: No such file or directory
Failed to read or parse configuration '/proc/self/fd/13'.
: CTRL-EVENT-DSCP-POLICY clear_all

WPA: wpa_supplicant: sudo pipe fail

We can solve this issue with shell.

sudo sh -c 'wpa_supplicant -B -i wlan0 -c <(wpa_passphrase "E.R. Nurwijayadi" oyenyebus)'
Successfully initialized wpa_supplicant

WPA: wpa_supplicant: sh sudo pipe

Or you can use root account as well.

❯# wpa_supplicant -B -i wlan0 -c <(wpa_passphrase "E.R. Nurwijayadi" oyenyebus)
Successfully initialized wpa_supplicant

WPA: wpa_supplicant: su root pipe

Already Configured

When you have iwd or NetworkManager running, you will have this message.

❯# wpa_supplicant -B -i wlan0 -c <(wpa_passphrase "E.R. Nurwijayadi" oyenyebus)
Successfully initialized wpa_supplicant
nl80211: kernel reports: Match already configured
nl80211: kernel reports: Match already configured
nl80211: kernel reports: Match already configured
nl80211: kernel reports: Match already configured
nl80211: kernel reports: Match already configured

WPA: Passphrase: NM CLI

Running WPA Supplicant

We can either run WPA supplicant using wpa_supplicant command, or using init such as systemd.

Using systemd

As usual command.

sudo systemctl enable wpa_supplicant
Created symlink /etc/systemd/system/dbus-fi.w1.wpa_supplicant1.service → /usr/lib/systemd/system/wpa_supplicant.service.
Created symlink /etc/systemd/system/multi-user.target.wants/wpa_supplicant.service → /usr/lib/systemd/system/wpa_supplicant.service.

WPA: wpa_supplicant: systemctl enable

And also start.

sudo systemctl start wpa_supplicant

WPA: wpa_supplicant: systemctl start

You can also check the status of the wpa_supplicant service.

sudo systemctl status wpa_supplicant
● wpa_supplicant.service - WPA supplicant
     Loaded: loaded (/usr/lib/systemd/system/wpa_supplicant.service; enabled; preset: disabled)
     Active: active (running) since Sun 2023-07-16 05:09:07 WIB; 34s ago
   Main PID: 487 (wpa_supplicant)
      Tasks: 1 (limit: 18837)
     Memory: 3.2M
        CPU: 2ms
     CGroup: /system.slice/wpa_supplicant.service
             └─487 /usr/bin/wpa_supplicant -u -s -O /run/wpa_supplicant

Jul 16 05:09:07 utama systemd[1]: Starting WPA supplicant...
Jul 16 05:09:07 utama systemd[1]: Started WPA supplicant.
Jul 16 05:09:07 utama wpa_supplicant[487]: Successfully initialized wpa_supplicant

WPA: wpa_supplicant: systemctl status

Using Command

We have seen before.

sudo sh -c 'wpa_supplicant -B -i wlan0 -c <(wpa_passphrase "E.R. Nurwijayadi" oyenyebus)'
Successfully initialized wpa_supplicant

WPA: wpa_supplicant: sh sudo pipe

Debugging

This command line can be useful for debugging. For example this command. Would produce very long message.

sudo sh -c 'wpa_supplicant -B -d -i wlan0 -c <(wpa_passphrase "E.R. Nurwijayadi" oyenyebus)'
wpa_supplicant v2.10
Successfully initialized wpa_supplicant
Initializing interface 'wlan0' conf '/dev/fd/63' driver 'default' ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/dev/fd/63' -> '/dev/fd/63'
Reading configuration file '/dev/fd/63'
Priority group 0
   id=0 ssid='E.R. Nurwijayadi'
nl80211: TDLS supported
nl80211: TDLS external setup
...
MBO: Update non-preferred channels, non_pref_chan=N/A
wlan0: Added interface wlan0
wlan0: State: DISCONNECTED -> DISCONNECTED
nl80211: Set wlan0 operstate 0->0 (DORMANT)
netlink: Operstate: ifindex=3 linkmode=-1 (no change), operstate=5 (IF_OPER_DORMANT)
Daemonize..

WPA: wpa_supplicant: debugging

WPA: wpa_supplicant: debugging

WPA: wpa_supplicant: debugging

WPA: wpa_supplicant: debugging

WPA CLI

This section is under construction.

Summary

As a summary, here is the command to activate a network.

> scan
> scan_results

> add_network
> list_networks

> set_network 0 ssid "E.R. Nurwijayadi"
> set_network 0 psk "oyenyebus"

> select_network 0
> enable_network 0

Running

sudo wpa_cli
wpa_cli v2.10
Copyright (c) 2004-2022, Jouni Malinen <j@w1.fi> and contributors

This software may be distributed under the terms of the BSD license.
See README for more details.


Selected interface 'wlan0'

Interactive mode

>

WPA CLI: Running

WPA CLI: Not Running

Scan

> scan
OK
<3>CTRL-EVENT-SCAN-STARTED 
<3>CTRL-EVENT-SCAN-RESULTS

WPA CLI: Scan

> scan_results
bssid / frequency / signal level / flags / ssid
60:7e:cd:d2:1a:e8	2427	-66	[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS]	HUAWEI-yVkA
80:3f:5d:ca:fb:2b	2412	-89	[WPA-PSK-CCMP][WPA2-PSK+FT/PSK-CCMP][ESS]	WTWTWT
b4:0f:3b:4a:c5:e1	2422	-85	[WPA-PSK-CCMP][WPA2-PSK-CCMP][ESS]	cotomakassar
90:91:64:1c:1d:25	2437	-85	[WPA2-PSK-CCMP][WPS][ESS]	ambonmania-EXT
3c:84:6a:2a:6e:6b	2462	-57	[WPA2-PSK-CCMP+TKIP][ESS]	Whitewood_EXT
a0:f4:79:87:8f:a6	2462	-61	[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][WPS][ESS]	Whitewood
44:55:b1:aa:0f:6c	2412	-80	[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS]	HUAWEI-HTAs
c0:bf:c0:19:08:0c	2442	-90	[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS]	RumahAspirasiMaluku
3c:84:6a:2a:6e:6a	5180	-72	[WPA2-PSK-CCMP+TKIP][ESS]	Whitewood_5GEXT
80:3f:5d:ca:f9:0b	2462	-90	[WPA-PSK-CCMP][WPA2-PSK+FT/PSK-CCMP][ESS]	WTWTWT
58:6d:8f:8f:3a:d4	2462	-94	[WPA2-PSK-CCMP][WPS][ESS]	EDA
30:23:03:c2:ab:2b	2467	-92	[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][WPS][ESS]	merapi1
80:3f:5d:ca:e5:c7	2452	-94	[WPA-PSK-CCMP][WPA2-PSK+FT/PSK-CCMP][ESS]	WTWTWT
1e:77:f6:4c:0d:31	2442	-32	[WPA2-PSK-CCMP][WPS][ESS]	E.R. Nurwijayadi
24:9e:ab:ef:46:c0	2427	-91	[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS]	RAKHA

WPA CLI: Scan Result

Network Setting

> list_networks
network id / ssid / bssid / flags
0	E.R. Nurwijayadi	any

WPA CLI: List Network 0

> add_network
1
<3>CTRL-EVENT-NETWORK-ADDED 1

WPA CLI: Add Network

> list_networks
network id / ssid / bssid / flags
0	E.R. Nurwijayadi	any	[CURRENT]
1		any	[DISABLED]

WPA CLI: List Network 1

Connexion Setting

> set_network 0 ssid "E.R. Nurwijayadi"
OK

WPA CLI: Set SSID

> set_network 0 psk "oyenyebus"
OK

WPA CLI: Set PSK

Activate Network

> select_network 0
OK

WPA CLI: 

> enable_network 0
OK

WPA CLI: 

> enable_network 0
OK

<3>CTRL-EVENT-SIGNAL-CHANGE above=0 signal=-89 noise=9999 txrate=104000
<3>CTRL-EVENT-SCAN-STARTED 
<3>CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-64 noise=9999 txrate=104000
<3>CTRL-EVENT-SCAN-RESULTS 
<3>CTRL-EVENT-DO-ROAM cur_bssid=a0:f4:79:87:8f:a6 cur_freq=2462 cur_level=-66 cur_est=62400 sel_bssid=1e:77:f6:4c:0d:31 sel_freq=2442 sel_level=-32 sel_est=65000
<3>SME: Trying to authenticate with 1e:77:f6:4c:0d:31 (SSID='E.R. Nurwijayadi' freq=2442 MHz)
<3>CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
<3>Trying to associate with 1e:77:f6:4c:0d:31 (SSID='E.R. Nurwijayadi' freq=2442 MHz)
<3>Associated with 1e:77:f6:4c:0d:31
<3>CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
<3>WPA: Key negotiation completed with 1e:77:f6:4c:0d:31 [PTK=CCMP GTK=CCMP]
<3>CTRL-EVENT-CONNECTED - Connection to 1e:77:f6:4c:0d:31 completed [id=0 id_str=]
<3>CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-33 noise=9999 txrate=52000

WPA CLI:

Disconnect

> disconnect
OK
<3>CTRL-EVENT-DISCONNECTED bssid=1e:77:f6:4c:0d:31 reason=3 locally_generated=1
<3>CTRL-EVENT-DSCP-POLICY clear_all
<3>CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
>

WPA CLI:

WPA CLI:

Running

WPA CLI:

What is Next 🤔?

After the WPA Supplicant in post arch setup. We can go right away to network manager for easy to use in daily basis.

Consider continue reading [ Wireless: Network Manager ].